diff --git a/wp-content/plugins/events-calendar/ec_calendar.class.php b/wp-content/plugins/events-calendar/ec_calendar.class.php
index fc79f23aba98231a33eeecc343cdf8258d74787d..236463a1f45dd04de3eb146b79c9ed3d0a2a063d 100644
--- a/wp-content/plugins/events-calendar/ec_calendar.class.php
+++ b/wp-content/plugins/events-calendar/ec_calendar.class.php
@@ -45,10 +45,10 @@ $ecoptions = get_option('optionsEventsCalendar');
 $ec_hide = $ecoptions['hidesponsor'] == 'true' ? 'display:none;' : '';
 $widget_sponsor_message = '';
 $large_sponsor_message = '';
-if(!$ec_hide) {
-	$widget_sponsor_message = '<span style="font-size:.75em;">WPEC is proudly sponsored by <br /><a href="http://www.truemediaconcepts.com">True Media Concepts</a></span>' . "\n";
-	$large_sponsor_message = '<span style="font-size:.7em;">WP Events Calendar is proudly sponsored by <a href="http://www.truemediaconcepts.com">True Media Concepts</a></span>' . "\n";
-}
+// if(!$ec_hide) {
+	// $widget_sponsor_message = '<span style="font-size:.75em;">WPEC is proudly sponsored by <br /><a href="http://www.truemediaconcepts.com">True Media Concepts</a></span>' . "\n";
+	// $large_sponsor_message = '<span style="font-size:.7em;">WP Events Calendar is proudly sponsored by <a href="http://www.truemediaconcepts.com">True Media Concepts</a></span>' . "\n";
+// }
 /**
  * Displays the events list and the calendars
  *
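Review bot: `$ec_hide` on the first context line still indexes `$ecoptions['hidesponsor']`, while the ec_management.class.php hunks in this commit stop writing that key (both the default and the POST handler), so an install that never saved it gets an undefined-index notice for a value this block no longer uses. If nothing further down the file reads `$ec_hide`, drop that line together with the sponsor block. The four `//` lines should be deleted rather than kept as commented-out code; version control already has them.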
diff --git a/wp-content/plugins/events-calendar/ec_db.class.php b/wp-content/plugins/events-calendar/ec_db.class.php
index bacd3ecd2389f67b3ad160c574d016960c8c670c..3b59d29a0d75790bf11bf2f66119de19a5f5fde8 100644
--- a/wp-content/plugins/events-calendar/ec_db.class.php
+++ b/wp-content/plugins/events-calendar/ec_db.class.php
@@ -225,7 +225,8 @@ class EC_DB {
 	 * @param int 		$postId 		post id if use activated it
 	 */
 	function addEvent($title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID) {
-		$postID = is_null($postID) ? "NULL" : "'$postID'";
+		global $wpdb;
+		/*$postID = is_null($postID) ? "NULL" : "'$postID'";
 		$location = is_null($location) ? "NULL" : "'$location'";
 		$description = is_null($description) ? "NULL" : "'$description'";
 		$startDate = is_null($startDate) ? "NULL" : "'$startDate'";
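Review bot: The old string-built `INSERT` is left in the file inside `/* ... */` here and in the next hunk, and the same is done to the `UPDATE` in the three editEvent hunks. Delete it: injectable SQL that is one comment marker away from live code is easy to revive by accident, and the `// todo ... wpdb->prepare()` remark inside it no longer describes anything. The added `global $wpdb;` also bypasses the handle the class already uses (`$this->db->query(...)` in the removed code); if `$this->db` is the wpdb instance, `$this->db->insert(...)` keeps the class on one connection object. addEvent's body continues past the end of this hunk.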
@@ -234,13 +235,41 @@ class EC_DB {
 		$startTime = is_null($startTime) ? "NULL" : "'$startTime'";
 		$accessLevel = is_null($accessLevel) ? "NULL" : "'$accessLevel'";
 		$endTime = is_null($endTime) ? "NULL" : "'$endTime'";
+		*/
 
-		$sql = "INSERT INTO `$this->mainTable` ("
+		/*$sql = "INSERT INTO `$this->mainTable` ("
 			 ."`id`, `eventTitle`, `eventDescription`, `eventLocation`, `eventLinkout`,`eventStartDate`, `eventStartTime`, `eventEndDate`, `eventEndTime`, `accessLevel`, `postID`) "
 			 ."VALUES ("
 			 ."NULL , '$title', $description, $location, $linkout, $startDate, $startTime, $endDate, $endTime , $accessLevel, $postID);";
 
-		$this->db->query($sql);
+		$this->db->query($sql);*/
+		
+		// Fix for sql injection possibility by @zap1989
+		$postID = is_null($postID) ? null : "$postID";
+		$location = is_null($location) ? null : "$location";
+		$description = is_null($description) ? null : "$description";
+		$startDate = is_null($startDate) ? null : "$startDate";
+		$endDate = is_null($endDate) ? null : "$endDate";
+		$linkout = is_null($linkout) ? null : "$linkout";
+		$startTime = is_null($startTime) ? null : "$startTime";
+		$accessLevel = is_null($accessLevel) ? null : "$accessLevel";
+		$endTime = is_null($endTime) ? null : "$endTime";
+		
+		$wpdb->insert(
+			$this->mainTable,
+			array(
+				'eventTitle' => $title,
+				'eventDescription' => $description,
+				'eventLocation' => $location,
+				'eventLinkout' => $linkout,
+				'eventStartDate' => $startDate,
+				'eventStartTime' => $startTime,
+				'eventEndDate' => $endDate,
+				'eventEndTime' => $endTime,
+				'accessLevel' => $accessLevel,
+				'postID' => $postID
+			)
+		);
 	}
 
 	/**
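Review bot: Null arguments are now passed to `$wpdb->insert()` as PHP `null`, and on WordPress releases before 4.4 `wpdb::insert()` and `wpdb::update()` bind null as an empty string rather than SQL NULL, so columns the old statement wrote as `NULL` may now hold `''` or a zero date/time; the readme in this commit says tested up to 3.1.3, so this should be checked against the schema and against readers such as `!is_null($event->eventLinkout)` in editEventForm. The nine `is_null($x) ? null : "$x"` lines only cast to string and add nothing the default `%s` format does not already do. The result of `insert()` is discarded; `if ( false === $wpdb->insert( ... ) ) { return false; }` would let the caller report a failed save. The same three points apply to the `$wpdb->update()` call in the last editEvent hunk.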
@@ -259,11 +288,11 @@ class EC_DB {
 	 * @param int 		$postId 		post id if use activated it
 	 */
 	function editEvent($id, $title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID) {
-
+		global $wpdb;
 		// just to make sure
 		if (empty($id))
 			return;
-
+/*
 		// todo get rid of the quotes here. don't need them anymore
 		// since we are using wpdb->prepare()
 		$postID = is_null($postID) ? "NULL" : "'$postID'";
@@ -276,7 +305,8 @@ class EC_DB {
 		$startTime = is_null($startTime) ? "NULL" : "'$startTime'";
 		$accessLevel = is_null($accessLevel) ? "NULL" : "'$accessLevel'";
 		$endTime = is_null($endTime) ? "NULL" : "'$endTime'";
-
+*/
+		/*
 		$sql = "UPDATE `$this->mainTable` SET "
 			."`eventTitle` = '$title', "
 			."`eventDescription` = $description, "
@@ -291,6 +321,38 @@ class EC_DB {
 			." WHERE `id` = $id LIMIT 1;";
 
 		$this->db->query($sql);
+		*/
+		
+		// Fix for sql injection possibility by @zap1989
+		
+		$postID = is_null($postID) ? null : "$postID";
+		$location = is_null($location) ? null : "$location";
+		$description = is_null($description) ? null : "$description";
+		$startDate = is_null($startDate) ? null : "$startDate";
+		$endDate = is_null($endDate) ? null : "$endDate";
+		$linkout = is_null($linkout) ? null : "$linkout";
+		$startTime = is_null($startTime) ? null : "$startTime";
+		$accessLevel = is_null($accessLevel) ? null : "$accessLevel";
+		$endTime = is_null($endTime) ? null : "$endTime";
+		
+		$wpdb->update(
+			$this->mainTable,
+			array(
+				'eventTitle' => $title,
+				'eventDescription' => $description,
+				'eventLocation' => $location,
+				'eventLinkout' => $linkout,
+				'eventStartDate' => $startDate,
+				'eventStartTime' => $startTime,
+				'eventEndDate' => $endDate,
+				'eventEndTime' => $endTime,
+				'accessLevel' => $accessLevel,
+				'postID' => $postID
+			),
+			array(	
+				'id' => $id
+			)
+		);
 	}
 
 	/**
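Review bot: The `WHERE` value is bound with the default string format and `$id` is only checked with `empty()` at the top of editEvent (in an earlier hunk), so a non-numeric id is still sent to the database as a string that MySQL will coerce. Pass the where format explicitly and cast, e.g. `$wpdb->update( $this->mainTable, $data, array( 'id' => (int) $id ), null, array( '%d' ) );` with `$data` being the column array already built here. Unlike the removed statement there is no `LIMIT 1`, which is fine only if `id` is the primary key; the table definition is not in this diff, so that is worth confirming.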
diff --git a/wp-content/plugins/events-calendar/ec_management.class.php b/wp-content/plugins/events-calendar/ec_management.class.php
index 92cb8f8f692164990f281ff0d9de79f502473fc9..db714c80e673cd197f136a63fddc1f03efa84639 100644
--- a/wp-content/plugins/events-calendar/ec_management.class.php
+++ b/wp-content/plugins/events-calendar/ec_management.class.php
@@ -120,10 +120,10 @@ class EC_Management {
 		// adds a new event to database
 		if(isset($_POST['EC_addEventFormSubmitted'])) {
 			// all the strings are escaped. 
-			$title = $wpdb->escape($_POST['EC_title']);
-			$location = isset($_POST['EC_location']) && !empty($_POST['EC_location']) ? $wpdb->escape($_POST['EC_location']) : null;
-			$linkout = isset($_POST['EC_linkout']) && !empty($_POST['EC_linkout']) && ($_POST['EC_linkout'] != $this->deflinkout) ? $wpdb->escape($_POST['EC_linkout']) : null;
-			$description = $wpdb->escape($_POST['EC_description']);
+			$title = $_POST['EC_title'];
+			$location = isset($_POST['EC_location']) && !empty($_POST['EC_location']) ? $_POST['EC_location'] : null;
+			$linkout = isset($_POST['EC_linkout']) && !empty($_POST['EC_linkout']) && ($_POST['EC_linkout'] != $this->deflinkout) ? $_POST['EC_linkout'] : null;
+			$description = $_POST['EC_description'];
 			$startDate = isset($_POST['EC_startDate']) && !empty($_POST['EC_startDate'])? $_POST['EC_startDate'] : date('Y-m-d');
 			$startTime = isset($_POST['EC_startTime']) && !empty($_POST['EC_startTime']) ? $_POST['EC_startTime'] : null;
 			$endDate = isset($_POST['EC_endDate']) && !empty($_POST['EC_endDate']) ? $_POST['EC_endDate'] : $startDate;
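Review bot: The context comment `// all the strings are escaped.` is now false and should be changed, e.g. `// raw request values; EC_DB::addEvent() binds them via $wpdb->insert()`. With the `$wpdb->escape()` calls gone, every other consumer of `$title`, `$location`, `$linkout` and `$description` in this method receives unescaped request data, so any use beyond the `addEvent()` call (the rest of the method is outside this hunk) needs its own binding or output escaping. WordPress adds slashes to `$_POST` itself, so these values still carry backslashes that will now be stored literally; unslashing at this boundary with `stripslashes_deep()` would avoid relying on the `stripslashes()` calls at display time. The date and time fields are also taken from `$_POST` unchanged and would benefit from a format check before they reach the database.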
@@ -266,7 +266,7 @@ class EC_Management {
 	 * @param int    $postID	associated post id if available.
 	 */
 	function editEvent($id, $title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID) {
-		$this->db->editEvent($id, addslashes($title), $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);
+		$this->db->editEvent($id, $title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);
 	}
 
 	/**
@@ -430,6 +430,8 @@ class EC_Management {
 	 * @param int $id  the event id.
 	 */
 	function editEventForm($id) {
+		if( !is_numeric( $id ) )
+			die( 'You should not be here.' );
 		$event = $this->db->getEvent($id);
 		$event = $event[0];
 		$linkout = !is_null($event->eventLinkout) ? stripslashes($event->eventLinkout) : $this->deflinkout;
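Review bot: `is_numeric()` is a loose guard for a row id: it accepts values such as `1.5`, `-3`, `1e3` and strings with leading whitespace, all of which still reach `getEvent()`. If ids are positive integers, `$id = absint( $id ); if ( ! $id ) wp_die( 'Invalid event id.' );` is tighter, and `wp_die()` renders a proper admin error instead of a bare `die()`. Whether `getEvent()` binds its argument cannot be seen from this diff; if it still builds SQL by interpolation, the fix belongs there so every caller is covered. The next line indexes `$event[0]` without checking that a row came back.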
@@ -657,7 +659,7 @@ class EC_Management {
 			$options['daynamelength'] = '3';
 			$options['daynamelengthLarge'] = '3';
 			$options['jqueryextremstatus'] = 'false';
-			$options['hidesponsor'] = 'false';
+			//$options['hidesponsor'] = 'false';
 		}
 		if (isset($_POST['optionsEventsCalendarSubmitted']) && $_POST['optionsEventsCalendarSubmitted']) {
 			//echo var_dump($_POST);
@@ -673,7 +675,7 @@ class EC_Management {
 			$options['daynamelength'] = isset($_POST['daynamelength']) && !empty($_POST['daynamelength']) ? $_POST['daynamelength'] : '3';
 			$options['daynamelengthLarge'] = isset($_POST['daynamelengthLarge']) && !empty($_POST['daynamelengthLarge']) ? $_POST['daynamelengthLarge'] : '3';
 			$options['jqueryextremstatus'] = isset($_POST['jqxstatus']) ? $_POST['jqxstatus'] : 'false';
-			$options['hidesponsor'] = isset($_POST['hidesponsor']) ? $_POST['hidesponsor'] : 'false';
+			// $options['hidesponsor'] = isset($_POST['hidesponsor']) ? $_POST['hidesponsor'] : 'false';
 			$options['accessLevel'] = $_POST['EC_accessLevel'];
 
 			update_option('optionsEventsCalendar', $options);
@@ -756,10 +758,10 @@ class EC_Management {
           <th width="33%" scope="row" valign="top" style="text-align:right;"><label for="jqxstatus"><?php _e('jQuery Extrem Protection (checked = yes)','events-calendar'); ?></label></th>
           <td width="67%"><input type="checkbox" <?php echo ($options['jqueryextremstatus']=="true") ? " checked" : "";?> name="jqxstatus" id="EC_jqxstatus" value="true" /> <?php _e('(Check if you don\'t see the Tooltips)','events-calendar'); ?></td>
         </tr>
-				<tr>
+				<?php /*<tr>
           <th width="33%" scope="row" valign="top" style="text-align:right;"><label for="hidesponsor"><?php _e('Hide sponsor message?','events-calendar'); ?></label></th>
           <td width="67%"><input type="checkbox" <?php echo ($options['hidesponsor']=="true") ? " checked" : "";?> name="hidesponsor" id="EC_hidesponsor" value="true" /> <?php _e('(Hides the sponsor message.  Please don\'t, but if you do please donate.)','events-calendar'); ?></td>
-        </tr>
+        </tr>*/?>
       </table>
       <input type="hidden" name="optionsEventsCalendarSubmitted" value="1" />
       <p class="submit">
diff --git a/wp-content/plugins/events-calendar/events-calendar.php b/wp-content/plugins/events-calendar/events-calendar.php
index ca151d645f47922b8914f7474f9939699b21367b..ac195a87f5dde5e7f07c28d8f3f46f2658e5cd34 100644
--- a/wp-content/plugins/events-calendar/events-calendar.php
+++ b/wp-content/plugins/events-calendar/events-calendar.php
@@ -3,7 +3,7 @@
 Plugin Name: WP Events Calendar
 Plugin URI: http://www.wp-eventscalendar.com
 Description: There are options under the widget options to specify the view of the calendar in the sidebar. The widget can be a list for upcoming events or a calendar. If you do not have a widget ready theme then you can place `&lt;?php SidebarEventsCalendar();?&gt;`, or `&lt;?php SidebarEventsList();?&gt;` for an event list, in the sidebar.php file of your theme. If you want to display a large calendar in a post or a page, simply place `[events-calendar-large]` in the html of the post or page. Make sure to leave off the quotes.
-Version: 6.7.9
+Version: 6.7.13
 Author: Luke Howell
 Author URI: http://www.lukehowell.com
 */
diff --git a/wp-content/plugins/events-calendar/readme.txt b/wp-content/plugins/events-calendar/readme.txt
index 6f1555ac9b736cfd149be8fd74ce0ac82a72155b..d32c76234b36b817076b2767eff5de718dcb4f5c 100644
--- a/wp-content/plugins/events-calendar/readme.txt
+++ b/wp-content/plugins/events-calendar/readme.txt
@@ -2,11 +2,11 @@
 
 Contributors: snumb130
 Donate link: http://www.wp-eventscalendar.com/donate
-Version: 6.7.9
+Version: 6.7.13
 Tags: event, calendar, date, time, widget, admin, sidebar, plugin, javascript, thickbox, jquery, tooltip, ajax
 Requires at least: 2.7.1
-Tested up to: 3.0
-Stable tag: 6.7.9
+Tested up to: 3.1.3
+Stable tag: 6.7.13
 
 Events-Calendar is a versatile replacement for the original WordPress calendar adding many useful functions to keep track of your events.
 
@@ -20,15 +20,13 @@ If you are not using a widget ready theme, you can still have the calendar on yo
 
 The ability to add a large public calendar is available by posting a page and adding `[events-calendar-large]` to the page content to create a stand alone calendar page. Also, when entering an event from the admin section, you can check the box saying "Create Post for Event", which will cause a post to be created with the event information.
 
-Additional features will be added so make sure that you keep up to date on upcoming changes and new features by subscribing to the [RSS feed on the Events Calendar site](http://www.wp-eventscalendar.com/feed). If you have a feature you would like added in future versions, feel free to submit it to our [bug tracker](http://tracker.eventscalendar.com).
+Additional features will be added so make sure that you keep up to date on upcoming changes and new features by subscribing to the [RSS feed on the Events Calendar site](http://www.wp-eventscalendar.com/feed).
 
 == Installation ==
 
 1. Upload `events-calendar` folder to the `/wp-content/plugins/` directory.
 2. Activate the plugin through the Plugins menu in the Dashboard.
 3. Set options under Events Calendar/Options on the admin menu.
-
-	**When updating, you will need to deactivate and reactivate the plugin.**
 	
 == Screenshots ==
 
@@ -39,7 +37,26 @@ Additional features will be added so make sure that you keep up to date on upcom
 5. Events Calendar as Widget List
 6. Events Calendar as Large Calendar
 
+== Upgrade Notice ==
+= 6.7.13 =
+* This update fixes the issue with slashes in events.  This will work on new events, and will be corrected when editing events.  Backup before upgrading.
+
+= 6.7.12a =
+* This update fixes an XSS injection attack to the Wordpress plugin admin page that allowed for execution of arbitrary HTML code.  When updating please backup your CSS file if you have made customizations to the stylesheet.
+
 == Changelog ==
+= 6.7.13 =
+* This update fixes the issue with slashes in events.  This will work on new events, and will be corrected when editing events.  Backup before upgrading.
+
+= 6.7.12 =
+* This update fixes an XSS injection attack to the Wordpress plugin admin page that allowed for execution of arbitrary HTML code.  When updating please backup your CSS file if you have made customizations to the stylesheet.
+
+= 6.7.11 =
+* Removing sponsor message
+
+= 6.7.10 =
+* Fixed SQL injection vulnerability pointed out by @zap1989
+
 = 6.7.9 =
 * Changed the way the sponsor message is shown and hidden to prevent have hidden links that were hurting SEO.